Certified Secure Software Lifecycle Professional (CSSLP) 2019: Security Vulnerabilities

CSSLP 2019    |    Intermediate
  • 20 videos | 1h 21m 20s
  • Includes Assessment
  • Earns a Badge
Rating 4.5 of 85 users Rating 4.5 of 85 users (85)
Explore how to identify and assess security vulnerabilities in this 20-video course, in which you will encounter essential secure coding techniques such as versioning, peer-based code reviews, code analysis, and anti-tampering techniques. First, become familiar with malicious practices and the threats outlined in the Open Web Application Security Project (OWASP) Top 10 list and the Common Weakness Enumeration (CWE) list of software weaknesses. You will soon be able to differentiate between CWE and Common Vulnerabilities and Exposure (CVE) lists. Next, learn to describe the characteristics of injection attacks, before watching demonstrations of input validation failures such as buffer overflows, canonical form, missing defense functions, and general programming failures. You will examine how to analyze reuse code for security vulnerabilities, identify malicious code, securely reuse third-party code, and securely integrate components. Finally, learners will hear discussions of defensive coding, side channels, social engineering attacks, source code and versioning. The course prepares learners for the (ISC)2 CSSLP: Certified Secure Software Lifecycle Professional certification exam.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
    Locate and list the owasp "top 10"
    Locate and list the cwe list of software weaknesses
    Describe characteristics of injection attacks
    Recognize input validation failures such as buffer overflow, canonical, missing defense functions, and general programming failures
    Differentiate between common weakness enumerations and common vulnerabilities and exposure
    Describe side channels
    Describe social engineering attacks such as phishing
    Identify source code and versioning best practices
    Identify build environment best practices such as anti-tampering techniques and compiler switches
  • Recognize characteristics of peer-based code reviews
    Distinguish between static and dynamic code analysis
    List the steps for code signing
    Analyze reused code for security vulnerabilities
    Differentiate between static and dynamic analysis
    Search for and identify malicious code
    Securely reuse third party code or libraries
    Recognize how to securely integrate components such as systems of systems integration
    Debug security errors
    Summarize the key concepts covered in this course

IN THIS COURSE

  • 2m 24s
  • 7m 1s
    In this video, you will locate and list the OWASP "Top 10". FREE ACCESS
  • Locked
    3.  CWE
    3m
    During this video, you will learn how to locate and list the Common Weakness Enumeration (CWE) list of software weaknesses. FREE ACCESS
  • Locked
    4.  Injection Attacks
    9m 6s
    After completing this video, you will be able to describe characteristics of injection attacks. FREE ACCESS
  • Locked
    5.  Input Validation Failures
    7m 16s
    Upon completion of this video, you will be able to recognize input validation failures such as buffer overflow, canonicalization, missing defense functions, and general programming failures. FREE ACCESS
  • Locked
    6.  Common Enumerations
    4m 32s
    In this video, find out how to differentiate between common weakness enumerations and common vulnerabilities and exposures. FREE ACCESS
  • Locked
    7.  Side Channels
    2m 9s
    After completing this video, you will be able to describe side channels. FREE ACCESS
  • Locked
    8.  Social Engineering Attacks
    5m 24s
    Upon completion of this video, you will be able to describe social engineering attacks, such as phishing. FREE ACCESS
  • Locked
    9.  Source Code and Versioning
    4m 34s
    In this video, you will learn how to identify source code and versioning best practices. FREE ACCESS
  • Locked
    10.  Build Environment Best Practices
    3m 32s
    In this video, you will identify build environment best practices, such as anti-tampering techniques and compiler switches. FREE ACCESS
  • Locked
    11.  Peer-based and Manual Code Review
    3m 59s
    Upon completion of this video, you will be able to recognize characteristics of code reviews based on peers. FREE ACCESS
  • Locked
    12.  Code Analysis
    2m 39s
    In this video, learn how to distinguish between static and dynamic code analysis. FREE ACCESS
  • Locked
    13.  Anti-tampering Techniques
    5m 1s
    Upon completion of this video, you will be able to list the steps for code signing. FREE ACCESS
  • Locked
    14.  Code Reuse
    2m 19s
    In this video, you will learn how to analyze code that has been reused for security vulnerabilities. FREE ACCESS
  • Locked
    15.  Static vs. Dynamic Analysis
    5m 26s
    During this video, you will learn how to differentiate between static and dynamic analysis. FREE ACCESS
  • Locked
    16.  Malicious Code
    2m 27s
    In this video, you will learn how to search for and identify malicious code. FREE ACCESS
  • Locked
    17.  Third Party Code
    1m 55s
    In this video, you will learn how to securely reuse third-party code or libraries. FREE ACCESS
  • Locked
    18.  Integrating Components
    1m 57s
    After completing this video, you will be able to recognize how to securely integrate components such as systems of systems integration. FREE ACCESS
  • Locked
    19.  Security Errors
    4m 56s
    In this video, find out how to fix security errors. FREE ACCESS
  • Locked
    20.  Course Summary
    1m 42s

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Course Certified in Cybersecurity (CC): Data Security & System Hardening
Rating 4.4 of 17 users Rating 4.4 of 17 users (17)
Course Certified Secure Software Lifecycle Professional (CSSLP) 2019: Abuse Cases & RTMs
Rating 4.4 of 32 users Rating 4.4 of 32 users (32)
Course Certified Secure Software Lifecycle Professional (CSSLP) 2019: Security Design Principles
Rating 4.5 of 280 users Rating 4.5 of 280 users (280)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course Certified Secure Software Lifecycle Professional (CSSLP) 2019: Threat Modeling
Rating 4.5 of 529 users Rating 4.5 of 529 users (529)
Course Certified Secure Software Lifecycle Professional (CSSLP) 2019: Secure Design Principles
Rating 4.5 of 356 users Rating 4.5 of 356 users (356)
Course CISSP 2021: Software Development Security
Rating 4.6 of 125 users Rating 4.6 of 125 users (125)